Most insurers know its important to have control ofand insight intoall areas of the business, especially at a time when financial organizations are heavily scrutinized.
According to the study, 93% have consistent policies for supported application software/licenses at the endpoints, and more than 80% have deployed anti-virus, anti-malware, personal firewalls, intrusion detection/intrusion prevention, patch management, software distribution and IT asset management technologies.
Findings from the study suggest that leading organizations in managing and securing their endpoint systems give first priority to protecting and managing their endpoints from the platform and network perspective. Building on this foundation, they currently focus on protecting and managing their applications and are beginning to focus on protecting and managing their data.
Data-centric solutions, such as data loss prevention and online backup and recovery, are currently emerging for the companies that participated in the study, Aberdeen says. The exception is full-disk encryption, which currently is deployed by a much higher percentage of Aberdeen-designated Best-in-Class companies. To distinguish Best-in-Class companies, Aberdeen used the year-over-year changes in the number of security-related incidents, number of non-compliance incidents and total management costsall related to their endpoint systems.
The use of technologies by the Best-in-Class companies includes:
Baseline technologies anti-virus, anti-spyware, intrusion detection/prevention, personal firewalls, patch management, configuration and change management, and software inventory
Early adoption technologies application virtualization, application controls/application whitelisting, endpoint device/port controls and network access control
Technology differentiators software distribution, IT asset management and full-disk encryption
Emerging technologies data loss prevention and online backup/recovery
The drivers of these investments include increased mobility of sensitive business information, actual security-related incidents, such as data loss or data exposure and the risks represented by the unrelenting flow of threats and vulnerabilities from external sources.
Not many companies have extra room in their budgets for additional investments right now, so cost-efficiency is key. Aberdeens study shows that Best-in-Class organizations have reduced the costs related to endpoint security and management several ways, including year-over-year reductions in the number of security incidents related to endpoints, the average time and cost to identify and address them, the number of audit deficiencies related to endpoints, and the average time and cost to address them.
In its study, Aberbeen recommends a number of actions:
Standardize on endpoint systems, configurations, and implementation and rollout processes
Establish an overall approach to endpoint protection and management; the findings from this benchmark can serve as a guideline for a rational order of appearance
Automate (as much as possible) the process of assessing, prioritizing and remediating security-related issues; also automate the process of packaging, provisioning and installing software and configuration changes
Invest in documentation, awareness and training for end-users
Measure and monitor regularly; drive continuous improvements by finding and eliminating root causes for exceptions, security events and audit deficiencies